The requirements for security features within the mobile communication system UMTS are specified by the 3rd Generation Partnership Project (3GPP). These security features are realized by the use of cryptographic functions and algorithms. In total, 3GPP identified the need for 9 cryptographic algorithms and functions, as described in 3GPP TS 33.102 v3.5.0: “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Security Architecture” (“3GPP102”), the contents of which are incorporated herein by reference. Two of these functions, called f8 and f9, are used for cipher and integrity protection of the 3GPP radio interface, and have already been developed and are part of the 3GPP standard specifications.
The algorithms for authentication and key generation are not standardized as they can well be proprietary and chosen by each operator, as is done in GSM. The context for these algorithms, known as f1, f1*, f2, f3, f4, f5, f5*, is described in 3GPP102. The generic requirements for these algorithms are specified in 3GPP TS 33.105 v3.4.0: “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Cryptographic Algorithm Requirements”, which is incorporated herein by reference.
The existing sample specification and algorithm set uses AES, and is described in 3GPP TS 35.205 v10.0.0: “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Specification of the MILENAGE Algorithm Set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*” (“3GPP205”), which is incorporated herein by reference. This description has become the defacto standard within the mobile telecommunication industry. A consequence of this is that all telecommunication security is predicated on the security of AES, with little means to replace it should cryptanalysis of AES advance.
Just as the need for security features within mobile communication systems is being met, there is a corresponding need for facilitating lawful interception for authorized entities. Many carriers are burdened with such lawful intercept requirements.